This week's articles
Escalating from Logic App Contributor to Root Owner in Azure
Having Contributor access to an Azure Resource Manager (ARM) API Connection would allow you to create arbitrary role assignments as the connected user. This was supposed to be limited to actions at the Resource Group level, but an attacker could escape to the Subscription or Root level with a path traversal payload.
#attack
#azure
Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities
Users able to create a pod could have abused these to (1) escape their pod and compromise the underlying node, (2) escalate privileges and become full cluster administrators, and (3) covertly persist administrative access through backdoors that are completely invisible to cluster operators.
#attack
#gcp
#kubernetes
HCP Packer Is Now Generally Available
HCP Packer provides automation, collaboration, and security for managing images across multiple clouds. It includes image security and compliance workflows with Terraform Cloud.
#announcement
#build
#ci/cd
#terraform
Google Announces Intent to Acquire Mandiant
From the statement: "As a recognized leader in strategic security advisory and incident response services, Mandiant brings real-time and in-depth threat intelligence gained on the frontlines of cybersecurity with the largest organizations in the world."
#announcement
#gcp
|